Account Security Options

Account owners can optionally enable several additional security features. If enabled, these features will affect all users in the account.

Revoke access to account for inactive users after 90 days of inactivity.

Prerequisites:

The account must have at least two OWNER users to enable this setting.

If this option is enabled, any user who has not logged on within 90 days will have access revoked for the accounts with this setting enabled. Users are notified through email 10 days and 1 day prior to account access revocation. Upon revoking a user’s account access, an account owner can reinvite the user back into the account through the console.

Important: Owners can also have access for the account revoked if they do not log in. An account can end up with no owners this way. If this occurs, please contact us at support@instaclustr.com for assistance.

Enhanced console session security.

If this option is enabled, this will result all users in the account to be logged out of the Instaclustr Console 30 minutes after login or after 15 minutes of inactivity.

Enhanced password security.

If this option is enabled, this will enforce additional password restrictions for all users in the account. These restrictions are as follows:

Multifactor Authentication (MFA) will be enforced on all users in an account. Users who do not already have MFA enabled will be forced to set up the MFA requirements to access the account when they next log in.

Passwords expire after 90 days. A user with an expired password will then be required to change their password before logging in.

When changing passwords, the previous 5 passwords cannot be used.

Five consecutive failed login attempts in a 30 minute period will result in a lockout for 30 minutes. A user who is locked out this way will be prevented from logging in during this time.

The lockout period ends if:

30 minutes passes, or

The account owner unlocks the user through a button on the console , or

The user resets their own password through existing mechanisms (clicking on a link, receiving a password reset email with a token).